Commit graph

6 commits

Author SHA1 Message Date
Bobby Rullo
55040c55fa server, integration, cmd: Protect Admin API
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
Bobby Rullo
62aa12fa6c cmd/dex-overlord: was using the wrong err 2015-09-01 17:07:10 -07:00
Bobby Rullo
9b64ecb2d7 cmd/dex-overlord: bind admin API on 127.0.0.1
Instead of 0.0.0.0; this is safer, since the admin API is very powerful.

fixes #97
2015-08-31 13:42:16 -07:00
Bobby Rullo
d0c199b62c cmd, server: base64 encode multiple secrets
Two things here:

    * key secrets are now base64 encoded strings, so we get the full key
      space

    * we can pass >1 of them in so we can rotate them
2015-08-26 10:43:24 -07:00
Bobby Rullo
8b6a2699d9 cmd/dex-overlord, db: migrations in overlord
Migrations happen only in the overlord, so there's no thundering herd,
and database initialziation can be more easily controlled.
2015-08-20 11:44:43 -07:00
Bobby Rullo
66fe201c24 *: move original project to dex 2015-08-18 11:26:57 -07:00